Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Firewall technology

from [Chris Clymer] Network Security [Permanent Link]
Subject: Re: Firewall technology
Date: Fri, 06 Jan 2006 09:59:40 -0500 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason,

What you describe exists.  This is exactly what Smoothwall is:  a nice
web-based user-friendly frontend to all of your favorites:  iptables,
clamav, squid, openvpn, snort, etc.

Theres also the open source Monowall, which is slim enough to run off
of a floppy, but lacks some of the features of Smoothwall...off the
top of my head, i don't believe it can handle the overhead of content
filtering.

Astaro is also a commercial offering thats really just a user-friendly
frontend to these same open source tools.  I haven't used it
personally so I know less about it, but i've heard good things.

Chris Clymer

Barrett, Jason wrote:


<!-- /* Font Definitions */ @font-face {font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;} /* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in;
margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New
Roman";} a:link, span.MsoHyperlink {color:blue;
text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed
{color:#606420; text-decoration:underline;} p
{mso-margin-top-alt:auto; margin-right:0in;
mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt;
font-family:"Times New Roman";} span.EmailStyle17
{mso-style-type:personal-reply; font-family:"Courier New";
color:navy;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in
1.0in 1.25in;} div.Section1 {page:Section1;} -->

Hi Coder!



Why not make your thesis about using open source security
technologies, and developing management devices to enable small
companies to utilize open source technologies without a full time
admin? Someone else suggested IPTABLES, which I love. Core Force
is an open personal firewall. SNORT is an open IPS with lots of
community support. OpenVPN is an open SSL VPN technology. The
open source community is chock-full of useful technologies for
security, albeit sometimes difficult for small companies to
implement.



A set of management tools that eases this implementation, or that
allows small integrators to fully manage a number of SMB clients,
in my opinion, would be a substantial contribution to the open
source community. I?ve been thinking about getting into this
market myself (from a system engineering and support standpoint),
because I agree that the SMB market lacks the resources to
implement many of these technologies.



Whatever you decide to do, let us know and share your insight!

Jason A. Barrett



----------------------------------------------------------------------


*From:* coder [mailto:elite.coder@ntlworld.com] *Sent:* Thursday,
December 29, 2005 4:01 PM *To:* firewalls@securityfocus.com
*Subject:* RE: Firewall technology



Ok, so there are solutions that already exist, but how good are
they fore small companies with limited financial resources?



I myself am a network admin, the company I work for has about 20
PCs and 4 servers. The company really only has just enough to pay
the wages each month so an expensive firewall system is out of the
question (I assume symantec, checkpoint and zonealarm are all very
expensive), also I do a lot of application developement for them
and sometimes write my own protocol for client-server software.



Also I am called out to build networks for other small companies
with limited financial resources. One thing I have noticed with the
company I work for and the other smaller companies is that they
dont have a full time net admin (and in some cases they dont have
one at all), and as they dont have Active Directory (the company I
work for does, but the ones I build networks for do not) or
equivelent, there is a 100% possibility of them getting some
malware on their desktops.



Im thinking for the thesis, I can say the current firewall
technology is time consuming to setup, expensive and requires a
full-time network admin to maintain the system. And I can then say
that I shall develope a new firewall system that is cheaper and
does not require a full time admin to maintain.



Does this sound reasonable?



Thanks



~Davie Elliott





-------- Original Message --------



Hello everyone,

I wanted to get the opinions of experts before I carry on with my
project. I am curently writting a thesis on the limitations of
firewall technology, for now it seems that firewall technology for
the gateway is pretty much covered. However, noone seems to have
focused on firewall technology for clients (on big networks), home
firewalls such as ZoneAlarm are useless for a network with many PCs
because it cant be managed centrally and it asks the user if they
want to create a new rule when somthing tries to get out.

In my thesis I was going to say that these are the problems and the
solutions was to write a firewall system that can be managed
centrally (via web interface), also for technical universities
where students maybe writting network software and using their own
protocols, I was going to see if I could create some kind of
"protocol creator" for admins. Originally my thesis was going to be
about security corporation sized networks, but in my research I
have come across a few other things.

IEEE802.1x and IPSec can apparently replace client-side firewalls,
I dont really know much about those two technologies, but I am
still researching. If these two techologies are better than
client-side firewalls and or cost less, I shall focus my thesis on
small company networks (who cant afford good network technology or
a full-time net admin).

My thesis was going to be centered around the fact that machines
within huge networks get infected by malware and such, either by
websites or via removable media, I am hoping that my firewall I
idea would: stop sending keylogger and spyware details back to the
"hacker" and stop viruses/worms spreading from the infected client.


So, what client-side technologies do corporations use (if any)? Are
there any limitations for IPSec and 802.1X? What are your opinions
on what I was saying about client-side firewalls?

Thank you for your answers,

Davie Elliott.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDvoXcyAc5jM0nFbgRAkxbAKC5COqUqVzgIHjF4pByoY4CYX2/ngCfdhwG
qIjzebzdMef/1pUKUBKuvn4=
=T6GM
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Research Help, SUKHVINDER GILL
Next by Date:  Re: Log analyzers, Serg B.
Previous by Thread:  RE: Firewall technology, Robin . Toornstra
Next by Thread:  Strange entries in Cisco PIX 515e, Compuoso
Indexes:  [Date] [Thread] [Top] [All Lists]